On the Rise
What we do know is increasingly disturbing. A study of computer use in Australia's top 350 organisations in 1999 by the Victorian Computer Crime Squad and Deloitte Touche Tohmatsu found one in three had recorded unauthorised computer use and in 20 per cent of cases data was altered or destroyed.
IDC recently warned security breaches in the form of corporate espionage, cyberactivism, and cyberterrorism will become more prevalent in the form of vandalised Web sites, denial of service at e-commerce and support sites, and breach of trust. The research firm cites IT managers as saying 56 per cent of all discovered security breaches were illegally performed by internal people. In Australia, an encounter with a security breach such as a virus attack or unauthorised access to corporate resources is the primary driver motivating IT managers to deploy security measures for their enterprise, the research company says.
Access control will re-emerge as a new market to address internal threats and rising concern about the vulnerability of corporate data, according to IDC. It also predicts that the intrusion detection and vulnerability assessment sub-segments will become extremely popular, due to increasing concern of both external and internal threats.
"Enterprise focus on these areas will shift to a more equal balance between internal and external threats. In addition to virus assaults, unauthorised activities such as access to company information, usage of company IS systems, and modification of terminal configurations are the next most familiar types of security infringements Australian enterprises have come across. As enterprises open their virtual networks to accommodate the exchange of information and resources via the Internet, intranets, and extranets, these enterprises concurrently fall vulnerable to having undesired parties tamper and misuse corporate data and resources.
"This problem is further exacerbated by the fact that violations such as these are sometimes carried out not just by outsiders but by internal staff as well," IDC says.
But there can still be no definitive answer to the question: "How much of a threat is industrial espionage?"
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.